class PersonController extends ControllerBase {

    def beforeInterceptor = [ action: this.&intercept, except: [ 'logout', 'list', 'show', 'create' ] ]
        
    def list = {
        makePersonList()
    }

    def show = {
        def person = Person.get(params.id)
        if (!person) {
            flash.message = "Person not found"
            redirect(action: list)
        }
        else { 
            return [ person : person ] 
        }
    }

    def delete = {
        def person = Person.get(params.id)
        if (person && person.id == session.personId) {
            person.delete()
            session.personId = null
            flash.message = "Person ${person.name} deleted"
            redirect(action: list)
        }
        else {
            flash.message = "Person not deleted"
            redirect(action: list)
        }
    }

    def edit = {
        def person = Person.get(params.id)
        if (!person) {
            flash.message = "Person not found"
            redirect(action: list)
        }
        else {
            return [ person : person ]
        }
    }

    def update = {
        def person = Person.get(params.id)
        if (person && person.id == session.personId) {
            params.name = person.name // name is read only
            person.properties = params
            if (!person.hasErrors() && person.save()) {
                flash.message = "Person ${person.name} updated"
                redirect(action: show, id: person.id)
            }
            else {
                render(view: 'edit', model: [ person: person ])
            }
        }
        else {
            flash.message = "Person not updated"
            redirect(action: list)
        }
    }

    def create = {
        def person = new Person()
        person.properties = params
        [ person: person ]
    }

    def save = {
        def person = new Person(params)
        def password = params.password?.trim()
        def passwordConfirmation = params.passwordConfirmation?.trim()
        if (password && password != passwordConfirmation) {
            person.errors.rejectValue('password', 'person.password.match',
                ['password', 'Person', password] as Object[],
                'Property [{0}] of class [{1}] does not match the confirmation')
        }
        if (!person.hasErrors() && person.save()) {
            session.personId = person.id
            flash.message = "Person ${person.name} created"
            redirect(action: show, id: person.id)
        }
        else {
            render(view: 'create', model: [ person: person ])
        }
    }

    boolean intercept() {
        def methods = actionMethods()
        if (methods && (flash.warning = validMethod(methods))) {
            redirect(action: 'list')
            return false
        }
        if (actionName == 'save' || actionName == 'login') {
            return true
        }
        if ((flash.warning = samePerson())) {
            redirect(action: 'list')
            return false
        }
        true
    }
    
    String samePerson() {
        if (!session.personId) {
            return message(code: 'intercept.not.loggedin')
        }
        def person = Person.get(params.id)
        if (person && person.id == session.personId) {
            return null
        }
        message(code: 'intercept.not.owner.person')
    }
    
    def makePersonList() {
        prepareList()
        [ list: Person.list(params), paginateCount: Person.count() ]
    }
}
